MicrostockGroup Sponsors


Author Topic: Welcome Back after hack  (Read 7010 times)

0 Members and 1 Guest are viewing this topic.

« on: September 26, 2011, 04:05 »
0
Well it looks like the site is back to normal again.  The web host (where this site is stored / hosted) was hacked so the problem reached much further than just MSG. 

I don't have much time right now.. but until later, welcome back.


rubyroo

« Reply #1 on: September 26, 2011, 04:13 »
0
Hooray!  We're back!  ;D

« Reply #2 on: September 26, 2011, 04:34 »
0
I'm missing that hackers page already :)

« Reply #3 on: September 26, 2011, 04:51 »
0
The animation of the hacked page was awesome!!

Carl

  • Carl Stewart, CS Productions
« Reply #4 on: September 26, 2011, 05:04 »
0
The guy is obviously a capable computer geek, but he's an idiot because he thinks it's OK to do something like that.   >:(

« Reply #5 on: September 26, 2011, 05:05 »
0
I thought I was visiting a porn site.  :o

« Reply #6 on: September 26, 2011, 05:09 »
0
I read he wanted to break a world record and hacked into 700 000 sites simultaneously yestderday.

rubyroo

« Reply #7 on: September 26, 2011, 05:11 »
0
Ahhh... the youth of today.  Such aspirations.  ::)

I hope in time he'll put his skills towards something more constructive and less DEstructive.

« Reply #8 on: September 26, 2011, 05:30 »
0

I hope in time he'll put his skills towards something more constructive and less DEstructive.

Such as hacking into IS and FT and increase our royalties to the level that they should be. :D

« Reply #9 on: September 26, 2011, 05:31 »
0
Ahhh... the youth of today.  Such aspirations.  ::)

I hope in time he'll put his skills towards something more constructive and less DEstructive.

Me too. Lets face it, the guy is smart. Sometimes big companies employ hackers to test their systems.

« Reply #10 on: September 26, 2011, 05:33 »
0

I hope in time he'll put his skills towards something more constructive and less DEstructive.

Such as hacking into IS and FT and increase our royalties to the level that they should be. :D

Shall we make him an offer?  ;D

lagereek

« Reply #11 on: September 26, 2011, 05:50 »
0
Ahhh... the youth of today.  Such aspirations.  ::)

I hope in time he'll put his skills towards something more constructive and less DEstructive.

Me too. Lets face it, the guy is smart. Sometimes big companies employ hackers to test their systems.


Yep!  maybe IS, should employ him to once and for all sort out their best match!  mind, he would probably be too expensive. BTW, Wasnt it NASA who employed a top hacker to catch another hacker intruding NASA ?

« Reply #12 on: September 26, 2011, 06:18 »
0
Ahhh... the youth of today.  Such aspirations.  ::)

I hope in time he'll put his skills towards something more constructive and less DEstructive.

Me too. Lets face it, the guy is smart. Sometimes big companies employ hackers to test their systems.

True but not in a matter in which it was done!

« Reply #13 on: September 26, 2011, 06:18 »
0
I thought MSG had moved to bangladesh

Paulo M. F. Pires

  • "No Gods No Masters"
« Reply #14 on: September 26, 2011, 06:29 »
0
Never enter on hacked site with headphones ON :D

I was almost deaf for a hour...

digitalexpressionimages

« Reply #15 on: September 26, 2011, 07:08 »
0
the DT domain dtrank.com was hacked as well. It's still hacked as of this writing. Made me wonder if it was aimed at the stock industry but it might be a coincidence or just a world record attempt.

« Reply #16 on: September 26, 2011, 07:31 »
0
I was blind for two days... 8)

jbarber873

« Reply #17 on: September 26, 2011, 08:04 »
0
  Any word on the status of the data held by the server? I'm specifically thinking of password/username/email address data. Is that encrypted?

« Reply #18 on: September 26, 2011, 08:06 »
0
well, Kevin Mitnick (I hope this is correctly spelled) is a consultant now, after paying time in jail. In some circumstances crime pays... I understand the philosophy of hiring these very skilled people, but at the same time it's like forgiving them for the wrong things they did. One day off-line for a business, even on a weekend,  is a loss.

Anyway, it's good to have our forum back!


« Reply #20 on: September 26, 2011, 09:36 »
0
Nice to have the site back :)

« Reply #21 on: September 26, 2011, 09:43 »
0
Just when I was actually getting some work done, oh well... Seriously, though, welcome back! Regards, David.

« Reply #22 on: September 26, 2011, 09:52 »
0
  Any word on the status of the data held by the server? I'm specifically thinking of password/username/email address data. Is that encrypted?

Yes, usernames and passwords are encrypted in the database.  I couldn't even see them if I wanted to.  I don't think the hacker got ahold of any of this info either.  He hacked the whole network host (thousands of sites) .. so I really don't think he bothered scrounging the MSG database for secret passwords. 

here is what the web host wrote

Quote
As you may be aware, our network, and potentially your server, was the
target of a large scale website defacing attack this morning, Sunday,
the 25th.  The defacement worked by replacing index files in all
public_html directories with the attacker''s index.php.  At this time, it
does not appear to be any more malicious than taking over the web site''s
home page, but we are still reviewing servers at this time.

We understand the method the attacker used to accomplished this and the
main exploit path was through an internal management server that can
control Cpanel on other servers.  The management server was used to
change passwords on the Cpanel servers then login with those passwords.

It does not appear that gaining passwords was a goal or was
accomplished, just password changes were used.  Access to the management
server was gained from an exploited customer''s server that was within
our network.

Though our team moved quickly to disable the internal management server
and limit the exposure of the servers to this attack when it began, it
was a very serious breach and could have been much worse if the hacker
had intended to do more harm.

At this time, we want to be sure you are aware of the attack and your
server''s potential exposure.  Please you review your sites if you have
not already done so.  If you were affected and you need assistance
recovering the home page or other directory indexes, please contact us.

Further, if you feel your server has been targeted more in-depth than
the index.php defacement, please contact us immediately and we will do
an additional scan on your server.

Though it does not appear gaining passwords was an intent of this
attack, it is recommended that you update all of your passwords related
to your server.

Please note, our billing, domain management, and customer tracking
system (AMP) was not targeted, nor was available to the Cpanel
management server.  It is on a separate network and firewall.

Please accept our apologies as we go through this process.  We are very
aware of our failure in this situation and we will provide more details
when we have completed the work of recovery.

Again, please review your server and sites if you have not done so
already.  Reach out to us immediately if you suspect a more in-depth
attack on your server.

tab62

« Reply #23 on: September 26, 2011, 10:21 »
0
Being a former ISSO in the feds I fully understand how hackers can and will get into sites- Leaf you did a great job getting back on line! I have seen Unix or Windows servers that are fully patched get hack into with minutes on my security courses those telling me that no server is secure. Bottom line- back up often and if you are not using your computer power it down...


T

« Reply #24 on: September 26, 2011, 10:46 »
0
Glad to see were back up and running!

« Reply #25 on: September 26, 2011, 11:00 »
0
good job!

« Reply #26 on: September 26, 2011, 11:07 »
0
hmm, were there 12k members before the hacking?

« Reply #27 on: September 26, 2011, 11:12 »
0
hmm, were there 12k members before the hacking?

Yes. I noticed that a week or so ago.

SNP

  • Canadian Photographer
« Reply #28 on: September 26, 2011, 11:37 »
0
so we're certain that encrypted data weren't compromised? since our logins to sites we contribute to are kept here too...

« Reply #29 on: September 26, 2011, 12:56 »
0
Good to be back  ;D

« Reply #30 on: September 26, 2011, 13:04 »
0
Yay!
We're back!
Great :)

« Reply #31 on: September 26, 2011, 13:20 »
0
Thanks for all your work getting MSG up and running again Leaf. It must be a real pain having your Sunday ruined by some idiot hacker.

RacePhoto

« Reply #32 on: September 26, 2011, 13:34 »
0
The animation of the hacked page was awesome!!


Never saw it, I have Flash blocked until I click accept, so people can't run scripts on my computer. Just one more protection. Also, (and more of the real reason I have the flash blocker) it keeps the annoying screens from taking over, stops floating graphics spam, and keeps a whole bunch of other animated scripts from running ads. I like it! Whatever the hacker had there, I just saw the screen and dropped out.



As for what tab62 says, I used to manage a site. It was hacked through a back door in the software code (not my computer) and replaced. I brought out the backup and restored it. A few hours later the same guy came back, took it down... I ran the backup. He wrote and email and said, since you have good backups, it's no fun fooling with you. He was moving on to people who didn't do the same. :D I mean really, he had no joy when I could just restore everything in a few minutes and the server was on my desk, so that was that!

« Reply #33 on: September 26, 2011, 13:41 »
0
so we're certain that encrypted data weren't compromised? since our logins to sites we contribute to are kept here too...

You keep your login data here? I didn't think that was even possible. (or do you just mean the sites and usernames, which would be pretty easy to get other ways without hacking)

In any case, sorry things got hacked and good job getting it all back up relatively quickly Leaf.

SNP

  • Canadian Photographer
« Reply #34 on: September 26, 2011, 14:06 »
0
My mistake, I thought we included our login for the gauge thingy, but I just checked and it is username only. In any case, great work getting msg back up so fast, cheers

« Reply #35 on: September 26, 2011, 15:12 »
0
I am relieved. Thought my computer was infected with virus or something.

Glad to know everything is fine now.

« Reply #36 on: September 26, 2011, 17:25 »
0
Glad we're back and great job Leaf.

That animation freaked me out...

« Reply #37 on: September 26, 2011, 17:47 »
0
Good recovery Mav (I mean Leaf) :)

« Reply #38 on: September 26, 2011, 18:58 »
0
YAY!!!  I had no idea how much I would miss this place after this weekend.

This place is like crack and I need my daily fix  :P

« Reply #39 on: September 26, 2011, 19:26 »
0
Happy to see this place to be back up and running. Great job Leaf!

« Reply #40 on: September 27, 2011, 09:35 »
0

« Reply #41 on: September 27, 2011, 09:38 »
0
This place is like crack and I need my daily fix  :P

I haven't tried crack but I'll take your word for it.

SNP

  • Canadian Photographer
« Reply #42 on: September 27, 2011, 10:57 »
0
This place is like crack and I need my daily fix  :P

I haven't tried crack but I'll take your word for it.

lol

« Reply #43 on: September 27, 2011, 12:31 »
0
Does coffee come close?  I know all about coffee.

And gin :)


 

Related Topics

  Subject / Started by Replies Last post
9 Replies
5636 Views
Last post March 03, 2008, 17:29
by litifeta
10 Replies
4298 Views
Last post April 30, 2008, 20:56
by RacePhoto
4 Replies
850 Views
Last post April 08, 2013, 07:46
by Jeffrey
5 Replies
2166 Views
Last post October 14, 2013, 14:49
by icefront
10 Replies
1581 Views
Last post March 16, 2019, 04:54
by Desintegrator

Sponsors

Microstock Poll Results